OCSAuthAPIControllerTest.php 5.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Björn Schießle <bjoern@schiessle.org>
  6. * @author Robin Appelman <robin@icewind.nl>
  7. *
  8. * @license AGPL-3.0
  9. *
  10. * This code is free software: you can redistribute it and/or modify
  11. * it under the terms of the GNU Affero General Public License, version 3,
  12. * as published by the Free Software Foundation.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU Affero General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU Affero General Public License, version 3,
  20. * along with this program. If not, see <http://www.gnu.org/licenses/>
  21. *
  22. */
  23. namespace OCA\Federation\Tests\Controller;
  24. use OC\BackgroundJob\JobList;
  25. use OCA\Federation\Controller\OCSAuthAPIController;
  26. use OCA\Federation\DbHandler;
  27. use OCA\Federation\TrustedServers;
  28. use OCP\AppFramework\Http;
  29. use OCP\AppFramework\OCS\OCSForbiddenException;
  30. use OCP\ILogger;
  31. use OCP\IRequest;
  32. use OCP\Security\ISecureRandom;
  33. use Test\TestCase;
  34. class OCSAuthAPIControllerTest extends TestCase {
  35. /** @var \PHPUnit_Framework_MockObject_MockObject | IRequest */
  36. private $request;
  37. /** @var \PHPUnit_Framework_MockObject_MockObject | ISecureRandom */
  38. private $secureRandom;
  39. /** @var \PHPUnit_Framework_MockObject_MockObject | JobList */
  40. private $jobList;
  41. /** @var \PHPUnit_Framework_MockObject_MockObject | TrustedServers */
  42. private $trustedServers;
  43. /** @var \PHPUnit_Framework_MockObject_MockObject | DbHandler */
  44. private $dbHandler;
  45. /** @var \PHPUnit_Framework_MockObject_MockObject | ILogger */
  46. private $logger;
  47. /** @var OCSAuthAPIController */
  48. private $ocsAuthApi;
  49. public function setUp() {
  50. parent::setUp();
  51. $this->request = $this->getMockBuilder('OCP\IRequest')->getMock();
  52. $this->secureRandom = $this->getMockBuilder('OCP\Security\ISecureRandom')->getMock();
  53. $this->trustedServers = $this->getMockBuilder('OCA\Federation\TrustedServers')
  54. ->disableOriginalConstructor()->getMock();
  55. $this->dbHandler = $this->getMockBuilder('OCA\Federation\DbHandler')
  56. ->disableOriginalConstructor()->getMock();
  57. $this->jobList = $this->getMockBuilder('OC\BackgroundJob\JobList')
  58. ->disableOriginalConstructor()->getMock();
  59. $this->logger = $this->getMockBuilder('OCP\ILogger')
  60. ->disableOriginalConstructor()->getMock();
  61. $this->ocsAuthApi = new OCSAuthAPIController(
  62. 'federation',
  63. $this->request,
  64. $this->secureRandom,
  65. $this->jobList,
  66. $this->trustedServers,
  67. $this->dbHandler,
  68. $this->logger
  69. );
  70. }
  71. /**
  72. * @dataProvider dataTestRequestSharedSecret
  73. *
  74. * @param string $token
  75. * @param string $localToken
  76. * @param bool $isTrustedServer
  77. * @param bool $ok
  78. */
  79. public function testRequestSharedSecret($token, $localToken, $isTrustedServer, $ok) {
  80. $url = 'url';
  81. $this->trustedServers
  82. ->expects($this->once())
  83. ->method('isTrustedServer')->with($url)->willReturn($isTrustedServer);
  84. $this->dbHandler->expects($this->any())
  85. ->method('getToken')->with($url)->willReturn($localToken);
  86. if ($ok) {
  87. $this->jobList->expects($this->once())->method('add')
  88. ->with('OCA\Federation\BackgroundJob\GetSharedSecret', ['url' => $url, 'token' => $token]);
  89. $this->jobList->expects($this->once())->method('remove')
  90. ->with('OCA\Federation\BackgroundJob\RequestSharedSecret', ['url' => $url, 'token' => $localToken]);
  91. } else {
  92. $this->jobList->expects($this->never())->method('add');
  93. $this->jobList->expects($this->never())->method('remove');
  94. }
  95. try {
  96. $this->ocsAuthApi->requestSharedSecret($url, $token);
  97. $this->assertTrue($ok);
  98. } catch (OCSForbiddenException $e) {
  99. $this->assertFalse($ok);
  100. }
  101. }
  102. public function dataTestRequestSharedSecret() {
  103. return [
  104. ['token2', 'token1', true, true],
  105. ['token1', 'token2', false, false],
  106. ['token1', 'token2', true, false],
  107. ];
  108. }
  109. /**
  110. * @dataProvider dataTestGetSharedSecret
  111. *
  112. * @param bool $isTrustedServer
  113. * @param bool $isValidToken
  114. * @param bool $ok
  115. */
  116. public function testGetSharedSecret($isTrustedServer, $isValidToken, $ok) {
  117. $url = 'url';
  118. $token = 'token';
  119. /** @var OCSAuthAPIController | \PHPUnit_Framework_MockObject_MockObject $ocsAuthApi */
  120. $ocsAuthApi = $this->getMockBuilder('OCA\Federation\Controller\OCSAuthAPIController')
  121. ->setConstructorArgs(
  122. [
  123. 'federation',
  124. $this->request,
  125. $this->secureRandom,
  126. $this->jobList,
  127. $this->trustedServers,
  128. $this->dbHandler,
  129. $this->logger
  130. ]
  131. )->setMethods(['isValidToken'])->getMock();
  132. $this->trustedServers
  133. ->expects($this->any())
  134. ->method('isTrustedServer')->with($url)->willReturn($isTrustedServer);
  135. $ocsAuthApi->expects($this->any())
  136. ->method('isValidToken')->with($url, $token)->willReturn($isValidToken);
  137. if($ok) {
  138. $this->secureRandom->expects($this->once())->method('generate')->with(32)
  139. ->willReturn('secret');
  140. $this->trustedServers->expects($this->once())
  141. ->method('addSharedSecret')->willReturn($url, 'secret');
  142. $this->dbHandler->expects($this->once())
  143. ->method('addToken')->with($url, '');
  144. } else {
  145. $this->secureRandom->expects($this->never())->method('getMediumStrengthGenerator');
  146. $this->secureRandom->expects($this->never())->method('generate');
  147. $this->trustedServers->expects($this->never())->method('addSharedSecret');
  148. $this->dbHandler->expects($this->never())->method('addToken');
  149. }
  150. try {
  151. $result = $ocsAuthApi->getSharedSecret($url, $token);
  152. $this->assertTrue($ok);
  153. $data = $result->getData();
  154. $this->assertSame('secret', $data['sharedSecret']);
  155. } catch (OCSForbiddenException $e) {
  156. $this->assertFalse($ok);
  157. }
  158. }
  159. public function dataTestGetSharedSecret() {
  160. return [
  161. [true, true, true],
  162. [false, true, false],
  163. [true, false, false],
  164. [false, false, false],
  165. ];
  166. }
  167. }